Looks like some solid progress is being made towards an iOS 11.1.2 jailbreak. Today, a new proof-of-concept was released specifically for iOS 11.1.2 firmware.

What is async_wake?

async_wake is an adaptation of Abraham Masri’s “get uid: 0” project. It is developed by Benji, who is a newcomer on the jailbreak scene.

It’s just a PoC at this point and should not be mistaken for a full-fledged jailbreak, should you so believe.

It utilizes the following bugs and chains everything together to get root access.

• CVE-2017-13865

• CVE-2017-13861

• CVE-2016-7612

• CVE-2016-7633

You can’t modify root with this project alone as a we still require a working KPP bypass. However, you can edit /var without getting a kernel panic.

This will allow you to run some basic tweaks and customize your device’s resolution thanks to temporary root access. Apart from that, there’s not much else it can do.

Compatibility

All 64-bit devices including the iPhone X are supported at the moment.

Earlier, only a handful of models were compatible due to missing offsets. The developer promptly fixed this issue by swithcing over to an “offsetless” approach.

Firmware

Firmware support is for iOS 11.1.2 only. However, this doesn’t mean iOS 11.1.1 and older iOS 11 versions are incompatible.

The reason behind this is that this PoC only contains exploits for iOS 11.1.2 right now.

Find the repo from here, and you can install it to your iDevice with Cydia Impactor.

Xcode Project

Since it’s a proof-of-concept, you will need to make prior preparations and compile it manually. Here’s how you can compile and run it as an XCode project.

• Call get_root() method

• Store the uid (user ID)

• Call setuid(old_uid)

You will now get root access without running a jailbreak.

Is it worth installing?

This ipa does really nothing to the average user, if you are able to install and run it, all you’ll see is a white screen with text (meaning exploit worked). This is basically useless for the average user.

async_wake still requires a lot of work to achieve a jailbreak but it looks like things are moving in the right direction.

With that being said, the developer is looking into a way to turn it into a semi-jailbreak like Houdini.